Gitiles
Code Review Sign In
korap.ids-mannheim.de / KorAP / Kustvakt / 6b3ecdd45f75ccf3e3dcaedd2a87f7ab4b321a92 / . / full / src / main / java / de / ids_mannheim / korap / authentication / BasicAuthentication.java
blob: c3538841036701647b4c9a52be047e0d65394438 [file] [log] [blame]
margaretha139d0f72017-11-14 18:56:22 +0100[diff] [blame]1package de.ids_mannheim.korap.authentication;
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]2
margarethad4796662017-11-09 16:11:40 +0100[diff] [blame]3import java.util.Map;
4
margarethad4796662017-11-09 16:11:40 +0100[diff] [blame]5import org.springframework.beans.factory.annotation.Autowired;
6
margaretha56e8e552017-12-05 16:31:21 +0100[diff] [blame]7import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
8import de.ids_mannheim.korap.authentication.http.TransferEncoding;
margarethad4796662017-11-09 16:11:40 +0100[diff] [blame]9import de.ids_mannheim.korap.config.Attributes;
margaretha6b3ecdd2018-03-01 18:23:56 +0100[diff] [blame^]10import de.ids_mannheim.korap.config.FullConfiguration;
Michael Hanl19390652016-01-16 11:01:24 +0100[diff] [blame]11import de.ids_mannheim.korap.config.Scopes;
margaretha6b3ecdd2018-03-01 18:23:56 +0100[diff] [blame^]12import de.ids_mannheim.korap.config.TokenType;
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]13import de.ids_mannheim.korap.dao.UserDao;
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]14import de.ids_mannheim.korap.exceptions.KustvaktException;
Michael Hanlf1e85e72016-01-21 16:55:45 +0100[diff] [blame]15import de.ids_mannheim.korap.exceptions.StatusCodes;
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]16import de.ids_mannheim.korap.interfaces.AuthenticationIface;
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]17import de.ids_mannheim.korap.user.TokenContext;
18import de.ids_mannheim.korap.user.User;
Michael Hanlcb2d3f92016-06-02 17:34:06 +0200[diff] [blame]19import de.ids_mannheim.korap.utils.StringUtils;
Michael Hanlc0ed00f2016-06-23 14:33:10 +0200[diff] [blame]20import de.ids_mannheim.korap.utils.TimeUtils;
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]21
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]22/**
23 * Implementation of encoding and decoding access token is moved to
24 * {@link TransferEncoding}. Moreover, implementation of HTTP
25 * Authentication framework, i.e. creation of authorization header,
26 * is defined in {@link HttpAuthorizationHandler}.
margaretha4de41192017-11-15 11:47:11 +0100[diff] [blame]27 *
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]28 * Basic authentication is intended to be used with a database. It is
margaretha2afb97d2017-12-07 19:18:44 +0100[diff] [blame]29 * currently only used for testing using a dummy DAO (@see {@link UserDao})
30 * without passwords.
margaretha6b3ecdd2018-03-01 18:23:56 +0100[diff] [blame^]31 *
32 * <br /><br />
33 * Latest changes:
34 * <ul>
35 * <li>Added userdao check
36 * </li>
37 * </ul>
38 *
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]39 *
40 * @author margaretha
margaretha6b3ecdd2018-03-01 18:23:56 +0100[diff] [blame^]41 * @date 01/03/2018
margaretha139d0f72017-11-14 18:56:22 +0100[diff] [blame]42 *
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]43 * @author hanl
44 * @date 28/04/2015
45 */
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]46public class BasicAuthentication implements AuthenticationIface {
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]47
margarethad4796662017-11-09 16:11:40 +0100[diff] [blame]48 @Autowired
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]49 private TransferEncoding transferEncoding;
50 @Autowired
margaretha6b3ecdd2018-03-01 18:23:56 +0100[diff] [blame^]51 private FullConfiguration config;
52// @Autowired
53// private EncryptionIface crypto;
margarethad4796662017-11-09 16:11:40 +0100[diff] [blame]54 @Autowired
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]55 private UserDao dao;
Michael Hanlc0ed00f2016-06-23 14:33:10 +0200[diff] [blame]56
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]57 @Override
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]58 public TokenContext getTokenContext (String authToken)
Michael Hanl19390652016-01-16 11:01:24 +0100[diff] [blame]59 throws KustvaktException {
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]60 String[] values = transferEncoding.decodeBase64(authToken);
margaretha6b3ecdd2018-03-01 18:23:56 +0100[diff] [blame^]61 User user = dao.getAccount(values[0]);
62
63 if (user != null) {
Michael Hanl7368aa42016-02-05 18:15:47 +0100[diff] [blame]64 TokenContext c = new TokenContext();
Michael Hanle25dea22015-09-24 19:37:56 +0200[diff] [blame]65 c.setUsername(values[0]);
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]66 c.setExpirationTime(TimeUtils.plusSeconds(this.config.getTokenTTL())
67 .getMillis());
margaretha2afb97d2017-12-07 19:18:44 +0100[diff] [blame]68 c.setTokenType(getTokenType());
Michael Hanl19390652016-01-16 11:01:24 +0100[diff] [blame]69 // todo: for production mode, set true
70 c.setSecureRequired(false);
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]71 // EM: is this secure?
Michael Hanlcb2d3f92016-06-02 17:34:06 +0200[diff] [blame]72 c.setToken(StringUtils.stripTokenType(authToken));
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]73 // fixme: you can make queries, but user sensitive data is off limits?!
Michael Hanl19390652016-01-16 11:01:24 +0100[diff] [blame]74 c.addContextParameter(Attributes.SCOPES,
75 Scopes.Scope.search.toString());
Michael Hanl7368aa42016-02-05 18:15:47 +0100[diff] [blame]76 return c;
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]77 }
Michael Hanl7368aa42016-02-05 18:15:47 +0100[diff] [blame]78 return null;
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]79 }
80
Michael Hanl8abaf9e2016-05-23 16:46:35 +0200[diff] [blame]81
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]82 // not supported!
83 @Override
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]84 public TokenContext createTokenContext (User user, Map<String, Object> attr)
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]85 throws KustvaktException {
86 return null;
87 }
88
Michael Hanl8abaf9e2016-05-23 16:46:35 +0200[diff] [blame]89
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]90 @Override
Michael Hanl8abaf9e2016-05-23 16:46:35 +0200[diff] [blame]91 public void removeUserSession (String token) throws KustvaktException {
Michael Hanlf1e85e72016-01-21 16:55:45 +0100[diff] [blame]92 throw new KustvaktException(StatusCodes.NOT_SUPPORTED);
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]93 }
94
Michael Hanl8abaf9e2016-05-23 16:46:35 +0200[diff] [blame]95
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]96 @Override
margaretha58dbcfb2017-11-15 23:00:23 +0100[diff] [blame]97 public TokenContext refresh (TokenContext context)
98 throws KustvaktException {
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]99 return null;
100 }
101
Michael Hanl8abaf9e2016-05-23 16:46:35 +0200[diff] [blame]102
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]103 @Override
margaretha2afb97d2017-12-07 19:18:44 +0100[diff] [blame]104 public TokenType getTokenType () {
105 return TokenType.BASIC;
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]106 }
107}